Const-correct a few X509_PURPOSE and X509_TRUST functions These bits need more work (and possibly some removal) as they're very, very far from thread-safe, but rust-openssl relies on them being const-correct when targetting OpenSSL 1.1.x. Change-Id: I60531c7e90dbdbcb79c09fc440bd7c6b474172df Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/60607 Auto-Submit: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Bob Beck <bbe@google.com> Commit-Queue: Bob Beck <bbe@google.com>
diff --git a/crypto/x509/x509_trs.c b/crypto/x509/x509_trs.c index 13e5eca..71cf71d 100644 --- a/crypto/x509/x509_trs.c +++ b/crypto/x509/x509_trs.c
@@ -168,7 +168,7 @@ } int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - char *name, int arg1, void *arg2) { + const char *name, int arg1, void *arg2) { int idx; X509_TRUST *trtmp; char *name_dup;
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index 34ce33e..1f5a88c 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c
@@ -177,10 +177,9 @@ return sk_X509_PURPOSE_value(xptable, idx - X509_PURPOSE_COUNT); } -int X509_PURPOSE_get_by_sname(char *sname) { - int i; +int X509_PURPOSE_get_by_sname(const char *sname) { X509_PURPOSE *xptmp; - for (i = 0; i < X509_PURPOSE_get_count(); i++) { + for (int i = 0; i < X509_PURPOSE_get_count(); i++) { xptmp = X509_PURPOSE_get0(i); if (!strcmp(xptmp->sname, sname)) { return i; @@ -209,8 +208,7 @@ int X509_PURPOSE_add(int id, int trust, int flags, int (*ck)(const X509_PURPOSE *, const X509 *, int), - char *name, char *sname, void *arg) { - int idx; + const char *name, const char *sname, void *arg) { X509_PURPOSE *ptmp; char *name_dup, *sname_dup; @@ -219,7 +217,7 @@ // This will always be set for application modified trust entries flags |= X509_PURPOSE_DYNAMIC_NAME; // Get existing entry if any - idx = X509_PURPOSE_get_by_id(id); + int idx = X509_PURPOSE_get_by_id(id); // Need a new entry if (idx == -1) { if (!(ptmp = OPENSSL_malloc(sizeof(X509_PURPOSE)))) {
diff --git a/include/openssl/x509.h b/include/openssl/x509.h index b2ac3db..c41b3a5 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h
@@ -2529,7 +2529,7 @@ OPENSSL_EXPORT int X509_TRUST_get_by_id(int id); OPENSSL_EXPORT int X509_TRUST_add(int id, int flags, int (*ck)(X509_TRUST *, X509 *, int), - char *name, int arg1, void *arg2); + const char *name, int arg1, void *arg2); OPENSSL_EXPORT void X509_TRUST_cleanup(void); OPENSSL_EXPORT int X509_TRUST_get_flags(const X509_TRUST *xp); OPENSSL_EXPORT char *X509_TRUST_get0_name(const X509_TRUST *xp);
diff --git a/include/openssl/x509v3.h b/include/openssl/x509v3.h index f5ea413..2a2e02c 100644 --- a/include/openssl/x509v3.h +++ b/include/openssl/x509v3.h
@@ -906,12 +906,13 @@ OPENSSL_EXPORT int X509_PURPOSE_get_count(void); OPENSSL_EXPORT X509_PURPOSE *X509_PURPOSE_get0(int idx); -OPENSSL_EXPORT int X509_PURPOSE_get_by_sname(char *sname); +OPENSSL_EXPORT int X509_PURPOSE_get_by_sname(const char *sname); OPENSSL_EXPORT int X509_PURPOSE_get_by_id(int id); OPENSSL_EXPORT int X509_PURPOSE_add(int id, int trust, int flags, int (*ck)(const X509_PURPOSE *, const X509 *, int), - char *name, char *sname, void *arg); + const char *name, const char *sname, + void *arg); OPENSSL_EXPORT char *X509_PURPOSE_get0_name(const X509_PURPOSE *xp); OPENSSL_EXPORT char *X509_PURPOSE_get0_sname(const X509_PURPOSE *xp); OPENSSL_EXPORT int X509_PURPOSE_get_trust(const X509_PURPOSE *xp);